Security Directory

A

Associates in Anesthesia

aiamd.com

56

Associates in Anesthesia, Inc. is a well-established anesthesia services provider operating primarily in Pennsylvania, serving hospitals, ambulatory surgery centers, and office-based care. The company emphasizes clinical expertise and personalized patient care, positioning itself as a premier anesthesia practice with a history dating back to 1961. Their website reflects a professional healthcare service provider with clear service offerings and patient resources. Technically, the website is built on WordPress with modern SEO and analytics tools integrated, providing a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a notable concern for domain legitimacy, but the website content and business information appear credible. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and transparency.

A

An.ywhere

an-ywhere.cz

57

An.ywhere is a Czech Republic-based small retail e-commerce business specializing in functional and design-oriented sports accessories, primarily headbands for running, hiking, and skialpinism. The website presents a professional and consistent brand image with clear product offerings and a focus on sports enthusiasts. The business model is direct online sales with options for custom production. The company maintains active social media channels and provides clear contact information, enhancing customer trust. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies such as jQuery, Google Analytics, Google Tag Manager, and Facebook SDK for marketing and analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security practices include HTTPS enforcement and CSRF protection on forms, though some security headers are not explicitly confirmed. Security posture is generally good with no visible vulnerabilities or exposed sensitive data. However, the WHOIS data is missing, which reduces domain trustworthiness and raises questions about domain registration legitimacy. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies and consent mechanisms. Overall, the website is functional, professional, and trustworthy from a user perspective but would benefit from improved transparency in domain registration and enhanced security documentation to strengthen its security posture and business credibility.

The website presbariery.cz represents a Czech non-profit organization, Pražská organizace vozíčkářů, dedicated to promoting accessibility and barrier-free environments. The organization provides services such as accessibility mapping, consulting, educational seminars, and publishes related materials. Their target audience includes students, architects, designers, and people with disabilities, primarily within the Czech Republic. The website is well-branded and supported by governmental and municipal entities, indicating a strong local presence and trust. Technically, the website is built on Joomla CMS with a combination of jQuery, Mootools, and Bootstrap frameworks. It uses Google Analytics for visitor tracking and is hosted on Czech infrastructure consistent with the domain registration. The site shows moderate performance and basic mobile optimization. However, some JavaScript libraries are outdated, and no advanced security headers are detected. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, but lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were found, but improvements in security headers and privacy compliance are recommended. Overall, the website is credible and professionally maintained but would benefit from enhanced privacy and security practices to improve compliance and user trust.

M

Metaswitch Networks

metaswitch.com

71

Metaswitch Networks is a cloud native communications software provider specializing in voice core, unified communications, and robocall blocking solutions. The company is positioned as a pioneering software provider in the telecommunications sector and is now part of the parent company Alianza. Their website reflects a professional and modern digital presence built on the HubSpot CMS platform, integrating advanced marketing and analytics tools such as Google Analytics and Hotjar. The site is well-structured, mobile-optimized, and provides comprehensive legal and privacy documentation, indicating a strong commitment to compliance and user privacy. However, direct contact information such as emails or phone numbers is not readily available on the site, which may impact user engagement.

D

Dobříšské listy Online

dlonline.cz

46

Dobříšské listy Online is a regional news media portal serving Dobříš and its surrounding areas in the Czech Republic. Established in 2017, it provides local news, cultural updates, sports, and community information primarily targeting residents of the region. The website is built on WordPress and leverages popular plugins such as Yoast SEO, Contact Form 7, and Cookie Law Info to enhance SEO, user interaction, and privacy compliance. The site maintains a consistent brand presence with a clear logo and social media integration, notably on Facebook. From a technical perspective, the website uses a modern CMS platform with standard plugins and scripts, including Google Analytics for traffic monitoring. The site is mobile optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place. However, there is no explicit security policy or incident response information publicly available, and security headers are not detected, which could be improved to enhance protection against common web threats. No vulnerabilities or exposed sensitive data were identified in the analysis. Overall, the website presents a trustworthy and professional regional news service with good content quality and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to strengthen the site's security and user trust.

J

Rozvoz jídel v Praze

jidlo.eu

44

The website jidlo.eu serves as a simple landing page for a food delivery service based in Prague, Czech Republic. It offers home-cooked meals prepared with fresh ingredients using the SOUS VIDE method. However, the site redirects users to the partner restaurant The PUB Praha 6 for placing orders, indicating a business model reliant on partnership rather than direct sales. The site content is minimal but relevant to the hospitality industry, targeting general consumers seeking food delivery services. The business appears small and localized with no explicit corporate information disclosed on the site. Technically, the website uses a moderate technology stack including jQuery, Foundation framework, Font Awesome, and Google Analytics for tracking. The site is mobile optimized and uses HTTPS, but lacks advanced SEO and accessibility features. Security posture is basic with no visible security headers and no forms collecting user data on the landing page, reducing attack surface but also limiting user engagement. Privacy and cookie policies are absent, which is a compliance gap. WHOIS data is unavailable due to EURid privacy restrictions, but the domain appears legitimate with no suspicious indicators. Overall, the site is functional but basic, with room for improvement in transparency, security, and compliance.

T

The PUB

thepub.cz

60

The PUB is a hospitality business operating a chain of pubs primarily in Prague, Czech Republic, with additional locations in Berlin and Bucharest. The business focuses on providing a unique beer experience including self-service beer taps, master bartenders, and beer pouring schools, complemented by food offerings. The website reflects a medium-sized, established hospitality brand with a consistent and professional digital presence. Technically, the site uses common JavaScript libraries such as jQuery and GSAP, and integrates multiple Google Analytics and Tag Manager instances for tracking. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust. The domain is long-standing and registered with a Czech registrar, consistent with the business claims. Overall, the website is well designed and functional but requires improvements in privacy compliance and security posture to enhance trust and regulatory adherence.

Sběratelské zbraně s.r.o. is a Czech Republic-based small retail business specializing in the sale of collectible firearms, primarily from the World War I and II eras. The company operates a niche market model focusing on individual customer consultations and custom orders, emphasizing personalized service rather than a traditional storefront. Their website reflects this business model with detailed product listings, contact information, and legal disclaimers. Technically, the site is built on WordPress using modern frameworks such as Foundation CSS and integrates Google Analytics and reCAPTCHA for analytics and security. While the site is well-structured and SEO-optimized, it lacks some advanced security headers and cookie consent mechanisms, which could be improved for better compliance and security posture. The absence of WHOIS data for the domain is a notable concern, reducing domain trustworthiness despite the professional appearance and clear business information on the site.

C

Coffee Planet

coffee-planet.cz

47

Coffee Planet is an established online retailer specializing in coffee products such as whole bean coffee, ground coffee, coffee capsules, and coffee machines. The website targets coffee consumers primarily in the Czech Republic and offers a broad selection of brands and product categories. The site is built on the PrestaShop e-commerce platform and integrates modern marketing and analytics tools including Google Analytics, Google Tag Manager, and Facebook Pixel. The technical infrastructure is solid with HTTPS enabled and standard security practices in place, although some security headers could be improved. The absence of WHOIS data for the domain is a notable transparency gap, which slightly reduces trustworthiness. Privacy and cookie policies are not clearly presented, indicating room for compliance improvements. Overall, the website provides a professional user experience with good content quality and navigation, making it a reliable platform for coffee product sales.

SV Online, operated by RAK CZ a.s., provides a specialized online voting platform (Signum24.cz) designed for homeowners associations in the Czech Republic. The platform addresses challenges of low attendance at meetings by enabling legally binding remote voting with enhanced security features such as two-factor authentication. The website is built on WordPress with modern front-end frameworks and integrates Google Analytics and reCAPTCHA for user interaction and security. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. The site lacks published privacy and cookie policies, which impacts compliance with GDPR and related regulations. Overall, the business appears niche-focused with a clear value proposition but should improve transparency and compliance documentation.

Půjčovna RK, operated by Autocentrum RK cb s.r.o., is a small vehicle rental business based in České Budějovice, Czech Republic. The company specializes in renting personal cars and motorhomes for both business and recreational purposes. Their offerings include short-term and long-term rentals with additional customer benefits such as free parking during rental periods. The website is professionally designed, providing clear vehicle listings and contact information, targeting local customers seeking reliable vehicle rental services. Technically, the website is built on WordPress CMS using common plugins such as Contact Form 7 and Responsive Lightbox, styled with the Foundation CSS framework. It employs Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized and loads with moderate performance. However, it lacks advanced SEO and accessibility features and does not implement security headers, which could be improved. From a security perspective, the site uses HTTPS with a valid SSL certificate and includes CAPTCHA protection on its contact form, indicating basic security awareness. However, the absence of security headers and privacy/cookie policies indicates gaps in compliance and security best practices. The WHOIS data for the domain is unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the website presents a trustworthy and professional front for a local vehicle rental business but would benefit from enhanced security measures, privacy compliance, and domain registration transparency to improve its risk profile and customer trust.

AUTO Kralovice s.r.o. operates a professional used vehicle dealership in the Czech Republic, offering a broad range of automotive services including sales of cars, motorcycles, utility vehicles, trailers, financing options, insurance, servicing, and ecological vehicle disposal. The company targets consumers seeking quality used vehicles and related services, positioning itself as a reliable local provider with a comprehensive service portfolio. The website is built on WordPress with modern technologies and SEO optimizations, providing a good user experience and mobile responsiveness. Security measures include HTTPS and Google reCAPTCHA on forms, but lack of security headers and privacy policies indicate room for improvement. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate and professional. Overall, the site demonstrates moderate digital maturity with opportunities to enhance compliance and security posture.

R

RAK CZ a.s.

rak.cz

45

RAK CZ a.s. is a well-established Czech real estate company operating since 1990, specializing in property sales, rentals, management, auctions, consulting, and development. The company positions itself as a professional and comprehensive real estate partner offering unique and individualized client services. Their market presence is supported by quality management audits and membership in recognized real estate associations. Technically, the website is built on WordPress with modern plugins and frameworks, including Yoast SEO, Google Analytics, and GDPR-compliant cookie management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and reCAPTCHA integration, though some security headers could be improved. The absence of WHOIS data limits domain trust verification, but the website content and business information are consistent and professional. Overall, the site demonstrates good content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy platform for real estate services in the Czech Republic.

P

Pojišťovací kancelář Plzeň

allianzplzen.cz

43

The website www.allianzplzen.cz represents a local insurance agency operating in Plzeň, Czech Republic, affiliated with the Allianz brand. It offers insurance brokerage services and provides contact points for local customers seeking insurance solutions. The site is designed to serve a regional audience with clear navigation to contact representatives and office locations. Technically, the website is built on WordPress using common plugins such as Contact Form 7 and Toolset Maps, with Google Analytics and Tag Manager integrated for visitor tracking. The site is mobile-optimized and uses HTTPS with a valid SSL certificate, ensuring secure communication. However, the absence of WHOIS data and lack of explicit privacy and terms of service pages indicate areas for improvement in transparency and compliance. Security headers are missing, which could be enhanced to improve security posture. Overall, the website is professional and trustworthy in appearance but would benefit from improved compliance documentation and security hardening.

H

HP Fyzioclinic s.r.o.

hpfyzioclinic.cz

43

HP Fyzioclinic s.r.o. operates a specialized physiotherapy and rehabilitation center primarily serving athletes and patients requiring musculoskeletal therapy in the Czech Republic. The website presents a professional image with detailed team profiles and service descriptions, positioning itself as a local healthcare provider. The business model focuses on delivering specialized health services with a small-scale operation. Technically, the website is built on WordPress with a modern tech stack including jQuery, Slick Carousel, and Foundation framework. It uses HTTPS and integrates Google Analytics and Tag Manager for visitor tracking. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses nonce tokens in AJAX calls, but it lacks important security headers such as Content-Security-Policy and HSTS. There is no visible privacy or cookie policy, which raises compliance concerns especially under GDPR. The absence of WHOIS data for the domain reduces trust and raises questions about domain legitimacy. Overall, the website is functional and professional but would benefit from improved privacy compliance, enhanced security headers, and transparent domain registration information to strengthen trust and security posture.

N

Neftis

neftis.com

61

Neftis is a well-established digital agency based in Lorraine, France, specializing in web creation, SEO, digital marketing, hosting, and professional training. With over 20 years of experience and a medium-sized team, the company serves businesses and organizations seeking comprehensive digital communication solutions. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the site uses modern analytics tools such as Google Analytics, Piwik PRO, and Microsoft Clarity, and is built on the FlexIT CMS platform. It is mobile-optimized and employs HTTPS with good SSL configuration, ensuring secure user interactions. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the website content and contact information support the company's credibility. No critical security vulnerabilities or adult content were detected, and privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism.

E

ESSor Grand Est

essor-grandest.org

9

ESSor Grand Est operates as a regional information portal dedicated to supporting the Social and Solidarity Economy (ESS) in the Grand Est region of France. The platform provides a comprehensive database of accompaniment and financing tools for project leaders, associations, cooperatives, and social enterprises. It also features calls for projects and crowdfunding information, positioning itself as a key resource for ESS actors in the region. The website maintains a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience. Technically, the website employs legacy JavaScript libraries such as jQuery 1.8.3 and integrates Google Analytics and Google Tag Manager for user tracking. While the site loads most resources securely, some external scripts are loaded over HTTP, introducing mixed content risks. The site demonstrates basic mobile optimization and accessibility but lacks advanced SEO and modern frameworks. No CMS or hosting provider details are evident from the source. From a security perspective, the site uses HTTPS for analytics scripts but does not explicitly show security headers or advanced security policies. The use of outdated JavaScript libraries and insecure script loading are notable vulnerabilities. Privacy compliance is minimal, with no cookie consent mechanism detected and only a basic privacy/legal mentions page available. WHOIS data is unavailable, limiting domain trust verification. Overall, the security posture is moderate but requires improvements to meet best practices and regulatory compliance. The overall risk assessment indicates a functional and trustworthy platform for its niche audience but with moderate technical and security shortcomings. Strategic recommendations include updating legacy libraries, enforcing HTTPS for all resources, implementing cookie consent, enhancing security headers, and improving WHOIS transparency to strengthen trust and compliance.

The website 'Acheter Responsable GE' is a regional platform dedicated to promoting goods and services from the Social and Solidarity Economy in the Grand Est region of France. It serves as a directory, resource hub, and event organizer for businesses and organizations interested in responsible purchasing. The platform is supported by regional public entities and managed by the Chambre Régionale de l'Economie Sociale et Solidaire Grand Est, indicating a strong regional presence and trustworthiness. Technically, the site uses a Flexit CMS, integrates Google Analytics and Tag Manager for tracking, and is served over HTTPS, ensuring secure communication. However, the absence of visible privacy and cookie policies and lack of security headers suggest areas for improvement in privacy compliance and security posture. The WHOIS data for the domain is unavailable, which raises concerns about domain registration transparency, but the professional content and public entity support mitigate some of these concerns. Overall, the site presents a good user experience with clear navigation and relevant content for its target audience.

B

Bílý kruh bezpečí, z. s.

linka-pomoci.cz

10

The website www.116006.cz represents a Czech Republic-based non-profit social service operated by Bílý kruh bezpečí, z. s., providing free, 24/7 telephone crisis support to victims of crime and domestic violence. The site is professionally designed, mobile-optimized, and offers clear navigation to key service areas such as domestic violence, stalking, and victims' rights. The technical infrastructure is based on WordPress with Foundation CSS and includes Google Analytics for visitor tracking. Security posture is solid with HTTPS enabled and cookie consent implemented, though security headers and explicit privacy policies are lacking. WHOIS data is missing, which raises some concerns about domain registration transparency but does not detract from the apparent legitimacy of the organization. Overall, the site is trustworthy, safe, and well-positioned to serve its target audience effectively.

B

Bílý kruh bezpečí, z.s.

domacinasili.cz

43

The website www.domacinasili.cz serves as an informational and support platform dedicated to victims of domestic violence in the Czech Republic. It is operated by the non-profit organization Bílý kruh bezpečí, z.s., which provides crisis telephone help, psychological support, legal and social counseling, and public awareness resources. The site is well-branded and targets individuals affected by or concerned about domestic violence, offering practical advice and contact information for assistance. Technically, the website is built on WordPress and uses modern web technologies including jQuery and Google Analytics for tracking. It employs HTTPS for secure communications and includes a cookie consent banner to comply with basic privacy regulations. The site is mobile-optimized and presents a clear navigation structure, although some accessibility features could be improved. From a security perspective, the site benefits from HTTPS but lacks visible security headers and a published privacy policy page, which are important for compliance and user trust. No WHOIS data was retrievable, which limits domain registration trust analysis. No forms collecting personal data were found on the homepage, reducing immediate data protection concerns. Overall, the security posture is moderate but could be enhanced with additional best practices. The overall risk assessment indicates a trustworthy and professional non-profit website with some gaps in privacy compliance and domain transparency. Strategic recommendations include publishing a comprehensive privacy policy, implementing security headers, providing incident response contacts, and verifying domain registration details to improve trust and compliance.

A

AB S.A.

abonline.pl

60

AB Online is a Polish B2B e-commerce platform operated by AB S.A., a large technology distributor. The website provides registered business clients and dealers with access to product catalogs, promotions, and order management. The platform uses a mix of legacy and modern web technologies including jQuery, Bootstrap, and third-party analytics tools such as Google Analytics and New Relic. Security practices include HTTPS enforcement and visitor fingerprinting, but the use of outdated JavaScript libraries and lack of security headers present moderate risks. Privacy and cookie policies are present and GDPR compliant, though terms of service and security policies are not clearly visible. WHOIS data is not publicly available, indicating privacy protection, which is common for commercial domains. Overall, the website is functional and professional but would benefit from technical modernization and enhanced security measures.

T

TRIMA NEWS, s.r.o.

budejckadrbna.cz

48

Budějcká Drbna is a regional news media portal operated by TRIMA NEWS, s.r.o., focused on delivering authentic news and stories from České Budějovice and the South Bohemia region. It offers a variety of news categories including society, crime, sports, and culture, targeting local residents and interested audiences. The site supports user engagement through registration, article saving, and subscription to daily news summaries. Technically, the website employs a modern JavaScript stack with integrations for analytics, advertising, and consent management, ensuring a good user experience across devices. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable transparency gap but does not detract from the professional presentation and operation of the site. Overall, the site is a trustworthy and well-maintained regional news source.

O

OLÚp Predná Hora

olup-prednahora.sk

40

OLÚP, n. o. Predná Hora is a well-established non-profit specialized psychiatric healthcare institution in Slovakia, founded in 2006. The organization offers a range of services including inpatient and outpatient psychiatric care, family therapy, and aftercare treatments. The website reflects a professional and trustworthy presence with comprehensive information targeted at patients and interested parties. It maintains a consistent brand identity and demonstrates compliance with GDPR and cookie regulations, enhancing user trust. The institution also actively engages users through social media channels and a dedicated mobile application.

T

The Harnisch Foundation

thehf.org

57

The Harnisch Foundation is a well-established private philanthropic organization focused on creative and progressive social impact initiatives since 1998. Their website reflects a niche foundation with a clear mission to support leadership and community projects such as Funny Girls and Awesome Without Borders. The foundation maintains a professional online presence with consistent branding, clear contact information, and active social media channels. Technically, the site is built on WordPress with modern plugins and integrates analytics and tracking tools for marketing insights. Security posture is adequate with HTTPS and domain transfer protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is basic with policies present but lacking advanced GDPR indicators. Overall, the site is trustworthy and serves its audience effectively.

F

FairPlé Music CLG-Company Limited by Guarantee

fairple.com

59

FairPlé Music CLG is a small non-profit organization dedicated to promoting gender balance in Irish traditional and folk music. The website serves as an advocacy platform providing resources, reports, and policy recommendations to support equal representation and safer environments within the music community. The organization is registered in Ireland with a clear company registration number and physical address, enhancing its credibility. The website is built on Squarespace, leveraging modern web technologies and standard integrations such as Google Analytics and Facebook Pixel for analytics and marketing purposes. The site is well-designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. WHOIS data is missing or not publicly available, which reduces trust somewhat but does not negate the legitimacy indicated by business information and content quality.

S

Sailors for the Sea

sailorsforthesea.org

59

Sailors for the Sea is a well-established non-profit organization founded in 2004, dedicated to ocean conservation through community engagement, education, and advocacy. Powered by Oceana, it offers programs such as Clean Regattas, environmental lesson plans for kids, and campaigns addressing plastic pollution and species protection. The website is built on WordPress with modern plugins and technologies, demonstrating a moderate level of digital maturity. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

G

Geri Draws Japan

geridrawsjapan.com

56

Geri Draws Japan is a small-scale e-commerce and content creation business focused on illustration and travel blogging centered around Japanese culture. The website is professionally designed and hosted on Squarespace, featuring an online shop for art prints and related products. The business targets general audiences interested in Japanese culture and art. Technically, the site uses modern web technologies including Google Analytics, Facebook Pixel, and Google reCAPTCHA, with a good mobile-optimized design and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers such as HSTS and Content-Security-Policy. Privacy compliance is weak due to the absence of privacy and cookie policies. The WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy but the active and consistent web presence suggests a legitimate small business. Overall, the site is functional and trustworthy but would benefit from improved security and privacy practices.

G

Guía de la Industria Química

guiaquimica.mx

48

Guía de la Industria Química is a specialized online platform focused on providing comprehensive information, business directories, and advertising opportunities for the chemical industry and related sectors in Mexico. Established in 2011, it serves industry professionals and companies by offering detailed articles, supplier listings, and sector-specific insights. The website positions itself as an important resource within the Mexican chemical manufacturing sector, supporting business decision-making and networking. Technically, the website employs modern front-end technologies including Bootstrap, FontAwesome, Google Fonts, and interactive libraries such as Swiper and AOS for animations. It integrates Google Analytics, Google Tag Manager, and Mouseflow for user behavior tracking and performance monitoring. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features are basic. Hosting details are limited but the domain registrar is consistent with the business location. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on forms to mitigate spam. However, it lacks visible security headers such as Content-Security-Policy or X-Frame-Options, which could enhance protection against common web attacks. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided, which could be improved to strengthen trust. Overall, the website is professional, content-rich, and trustworthy for its target audience but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and providing clear incident response contacts to improve compliance and security posture.

A

Alexion Pharmaceuticals, Inc.

alexionaccessnavigator.com

63

Alexion Access Navigator is a specialized online platform dedicated to providing US healthcare professionals with access and reimbursement resources for Alexion pharmaceutical products. The website serves as a centralized hub for brand-specific information, prescribing details, and connection to field reimbursement managers, supporting healthcare providers in navigating medication access. The platform is positioned as a trusted resource within the healthcare sector, backed by Alexion Pharmaceuticals, Inc., a large and established pharmaceutical company. Technically, the website employs a modern technology stack including Bootstrap for responsive design, Feather Icons for UI elements, and multiple analytics tools such as Google Analytics, Segment, Mouseflow, and Evergage for user behavior tracking. Hosting is inferred to be on Amazon AWS infrastructure, supported by AWS DNS servers. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and has domain-level protections such as clientDeleteProhibited status. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. The absence of a cookie consent mechanism despite the use of tracking scripts indicates a privacy compliance gap. No incident response or security policy information is publicly available on the site. Overall, the security posture is solid but could be improved with enhanced headers, DNSSEC, and explicit privacy controls. The website content is professional, safe, and targeted exclusively at healthcare professionals in the US, with no adult or inappropriate content. The domain registration is consistent and legitimate, with no privacy protection masking ownership, and an appropriate domain age for the business. Strategic recommendations include implementing cookie consent, adding security headers, enabling DNSSEC, and publishing security policies to enhance trust and compliance.

S

Státní fond životního prostředí ČR

modernizacni-fond.cz

67

The website represents the official portal of the State Environmental Fund of the Czech Republic (SFŽP ČR), focusing on the Modernization Fund which supports energy and environmental projects. It serves a broad audience including businesses, municipalities, and households, providing detailed information about funding programs, project successes, and future plans. The site is well-branded, consistent, and linked to trusted government and EU resources. Technically, it is built on WordPress with modern plugins and frameworks, offering good mobile optimization and accessibility. Security posture is strong with HTTPS enforced and some security plugins in use, though additional security headers could enhance protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and serves as a critical government resource for environmental funding in the Czech Republic.

A

Acro Jarmila Podzemská

acro-farm.cz

52

ACRO FARM is a small family-operated breeder specializing in colorful miniature horses and Irish cobs, emphasizing healthy animals with excellent character and active participation in driving, jumping, and therapy activities. The website showcases champion horses and provides detailed descriptions of their breeding goals and achievements. Technically, the site is built on the Webnode CMS platform, uses Cloudfront CDN, and integrates Google Analytics for visitor tracking. The site is accessible without WAF or blocking mechanisms but lacks advanced security headers and privacy compliance features. No WHOIS data is available, limiting domain legitimacy verification. Overall, the site serves a niche equestrian audience with basic but functional digital infrastructure.

J

Jezdecké centrum Královický dvůr

kralovickydvur.cz

46

Jezdecké centrum Královický dvůr is a hospitality and equestrian service provider located near Prague, Czech Republic. The business offers a restaurant, accommodation in a historic building, corporate event hosting, and a comprehensive equestrian center. Their target audience includes horse enthusiasts, tourists, families, and corporate clients seeking unique event venues. The website reflects a well-structured and professionally designed platform with clear navigation and relevant content. Technically, the site uses modern JavaScript libraries, Google Analytics, Facebook Pixel, and Typekit fonts, with a CMS likely based on Nette framework. Security posture is moderate with HTTPS usage but lacks explicit security headers and privacy compliance documentation. Contact information is clearly presented with phone numbers and a contact form, but no privacy or cookie policies were found, indicating compliance gaps. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

Dostihový spolek a.s. operates as a prominent horse racing organization based in Pardubice, Czech Republic, managing events such as the renowned Velká pardubická race. The company targets horse racing enthusiasts and visitors, providing event calendars, ticketing, and visitor information. The website reflects a medium-sized regional business with a focus on hospitality and transportation services related to horse racing events. Technically, the website is built on WordPress using modern plugins and themes, ensuring good mobile optimization and SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response details are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Chuchle Arena Praha, s.r.o. operates a historic and prominent horse racing and equestrian sports venue located in Prague, Czech Republic. The company offers a multifaceted business model including horse racing events, show jumping competitions, event space rental, accommodation services, and a riding academy. The website reflects a well-established business with a strong market position in the Czech equestrian and sports hospitality sector. The target audience includes horse sports enthusiasts, families, tourists, and event organizers. Technically, the website uses a combination of legacy and modern web technologies including jQuery, Google Tag Manager, Google Analytics, Matomo, and Google reCAPTCHA. The site is built on the IPO CMS platform and demonstrates good mobile optimization and SEO practices. However, some technical debt is noted with the use of older JavaScript libraries and missing security headers. From a security perspective, the site enforces HTTPS and implements user consent mechanisms for cookies and tracking, aligning with GDPR requirements. The absence of WHOIS data reduces domain trustworthiness, and the lack of security headers and outdated libraries present moderate security risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, content-rich, and compliant with privacy regulations, but improvements in security headers, updated libraries, and domain registration transparency are recommended to enhance trust and security posture.

K

Kestria ry

kestria.com

68

Kestria ry operates as the world’s largest executive search alliance, connecting boutique executive search firms globally to provide leadership recruitment services across multiple industries and functions. Founded in 2020, the organization has established a strong market position with offices spanning 6 continents, 40+ countries, and 90+ cities, targeting companies seeking executive talent and search firms wishing to join the alliance. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Bootstrap, jQuery, and Google Maps API, likely running on a Django backend. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Privacy and cookie policies are well implemented with explicit consent mechanisms, indicating good compliance with GDPR. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and visible security headers. There is no public security policy or incident response information, nor a vulnerability disclosure policy, which are areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, Kestria’s website presents a trustworthy and professional digital presence with strong business credibility and privacy compliance. Strategic enhancements in security policies and technical security controls would further strengthen its posture.

A

AFM Productions

afmproductions.fr

49

AFM Productions is a specialized audiovisual production company founded in 1997 by the AFM-Téléthon association, focusing on creating documentaries and educational content about rare genetic diseases and medical research. The company targets a general audience interested in health, science, and social issues, leveraging storytelling to raise awareness and inform the public. The website reflects a professional and consistent brand identity aligned with its mission. Technically, the website is built on Drupal 10 with Bootstrap and uses modern libraries such as Swiper.js for UI components. It integrates Google Analytics and a GDPR-compliant cookie consent mechanism via CookieYes, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and has implemented cookie consent but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain legitimacy verification, but the website content and contact information suggest a trustworthy entity. Overall, the site presents a low-risk profile with good compliance and technical standards, though improvements in security headers and transparency policies are recommended.

FerreroSuppliers.com is a professional B2B portal designed to facilitate supplier engagement for Ferrero, a major confectionery manufacturer. The website provides access to various supplier-related applications including responsible sourcing, purchase order and invoice management, catalogues, quality specifications, and delivery tracking. It also offers a supplier application form to onboard new suppliers. The site is well-branded, consistent with Ferrero's corporate identity, and targets suppliers globally. Technically, the site is built on Drupal 10, uses modern JavaScript libraries like Glide.js, and integrates Google Analytics and OneTrust for tracking and cookie consent. Hosting includes Amazon S3 for static assets, indicating a hybrid hosting approach. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The absence of WHOIS registration data is a notable anomaly, reducing trust slightly despite the professional presentation. Overall, the site is functional, secure, and compliant with basic privacy standards, serving its business purpose effectively.

S

Stanford Medicine

stanfordmedicine.org

58

Stanford Medicine is a large, integrated academic health system focused on research, education, and clinical care. The website reflects a professional and consistent brand presence with rich content about medical research breakthroughs, clinical trials, and patient care. Technically, the site uses Adobe Experience Manager CMS, integrates video content via Kaltura, and employs Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and domain protections, but lacks DNSSEC and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and authoritative in the healthcare sector.

B

Büro Bum Bum

buerobumbum.com

52

Büro Bum Bum is a small creative collective specializing in visual communication and design, based in Berlin, Germany. The website serves as a showcase portfolio highlighting various projects including screenprints and illustrations. The business appears to be well-established with a domain age dating back to 2013, consistent with the company's founding period. The target audience is general, focusing on clients interested in creative visual communication services. Technically, the website is built using Angular 16, employs responsive design, and integrates Google Analytics with IP anonymization, indicating a moderate level of digital maturity. However, there are gaps in privacy compliance as no privacy or cookie policies are present, and no consent mechanisms are implemented. Security posture is adequate with HTTPS enabled but lacks important security headers and DNSSEC is not enabled. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures.

H

Hellenic Hydrocarbons and Energy Resources Management Company (HEREMA)

herema.gr

57

The Hellenic Hydrocarbons and Energy Resources Management Company (HEREMA) is a Greek governmental entity responsible for licensing and managing the development of Greece's energy resources, including hydrocarbon exploration and production, carbon capture and storage (CCS), underground gas storage (UGS), and offshore wind projects. The website reflects a professional and authoritative presence, targeting energy sector stakeholders, government officials, and industry professionals. It provides structured information about its mandate, regulatory frameworks, and ongoing projects, positioning itself as a key national authority in energy resource management. Technically, the website is built on WordPress and incorporates modern technologies such as Google reCAPTCHA for form security and CookieYes for cookie consent management. The site is mobile-optimized and includes SEO best practices, although accessibility features could be improved. Analytics are implemented via Google Analytics and YouTube embedded content, with a clear cookie consent mechanism in place. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate automated abuse. However, it lacks visible security headers and published security policies or incident response information. No vulnerabilities or suspicious content were detected. Privacy compliance is partial, with cookie consent but no explicit privacy policy or terms of service pages found. Overall, HEREMA's website demonstrates a solid digital presence with good business credibility and moderate technical maturity. Strategic improvements in privacy documentation, security headers, and accessibility would enhance its security posture and compliance standing.

I

INTEC S.A.

intec.gr

53

INTEC S.A. is a well-established Greek company specializing in providing digital solutions, products, and services to the industrial and energy sectors within Greece. The company positions itself as a leading supplier in the Greek industrial market, offering key services such as installation, training, maintenance, mechanical installation supervision, and cybersecurity solutions. The website reflects a professional B2B business model targeting industrial clients and energy companies. Technically, the website is built on Joomla CMS with modern frontend technologies including Bootstrap 5, jQuery, and Font Awesome, and it is optimized for mobile devices with good accessibility features. The presence of Google Analytics indicates moderate user tracking with a cookie consent mechanism in place, although a formal privacy policy is missing. Security posture is adequate with HTTPS enabled and accessibility tools implemented, but lacks explicit security headers and published security policies. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the company and its online presence.

reNews (operated by Renews Ltd) is a well-established renewable energy news platform founded in 2002, providing comprehensive coverage of offshore wind, onshore wind, solar, wave & tidal, energy storage, finance, grid, hydro, and industry people. The website targets renewable energy professionals, investors, and enthusiasts, offering news articles, daily newsletters, company profiles, and premium subscription content. Technically, the site uses modern web technologies including jQuery, Google Analytics, Google reCAPTCHA, and ShareThis, hosted behind Cloudflare DNS. The CMS is Umbraco, and the site is mobile-optimized with moderate performance. Security posture is decent with HTTPS and clientTransferProhibited domain status, but lacks DNSSEC and security headers. Privacy compliance is basic with a terms and conditions page referencing privacy but no dedicated privacy or cookie policy pages or consent mechanisms. Overall, the site is professional and trustworthy with room for improvement in security and privacy transparency.

Ε

ΕΛΕΤΑΕΝ

eletaen.gr

61

ΕΛΕΤΑΕΝ is a Greek scientific association dedicated to wind energy, providing information, advocacy, and educational resources to the public and stakeholders. The website serves as a comprehensive portal featuring news, statistics, events, and campaigns related to renewable energy in Greece. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, ensuring good SEO and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though explicit contact details and security policies could be enhanced for better transparency and incident readiness.

D

DeTect, Inc.

detect-inc.com

55

DeTect, Inc. is a specialized technology company focused on advanced radar and remote sensing systems primarily serving the wind energy, aviation safety, and security sectors. Established in 2003, the company offers a range of products including bird and drone detection radars, security surveillance radars, and mitigation systems designed to enhance environmental protection and flight safety. Their market position is that of a niche leader with a strong focus on B2B clients requiring sophisticated detection technologies. The website infrastructure is built on WordPress with Elementor, leveraging modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management. The site demonstrates good digital maturity with responsive design, SEO optimization via Yoast SEO Premium, and basic accessibility features. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and Google reCAPTCHA implemented to prevent spam and bot attacks. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. Privacy compliance is well addressed with a comprehensive privacy policy and a granular cookie consent mechanism aligned with GDPR requirements. Overall, the website presents a professional and trustworthy front for DeTect, Inc., with strong business credibility and technical implementation. Strategic improvements in security transparency and performance optimization could further enhance their digital presence and risk posture.

P

Pennsylvania CareerLink® Delaware County

pacareerlinkdelco.org

59

Pennsylvania CareerLink® Delaware County operates as a government employment office serving Delaware County, Pennsylvania. The organization connects job seekers with employers and provides free career resources including job matching, resume development, training opportunities, and specialized programs for veterans, young adults, and older job seekers. The website reflects a local government service with a clear focus on workforce development and community support. The business model is government-funded and targets residents and employers within the county. The site is well-branded and consistent with official government employment services. Technically, the website is built on WordPress using the Elementor page builder and Astra theme, supported by Cloudflare DNS and Tucows as the registrar. It integrates common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some technical security enhancements like DNSSEC and security headers are missing. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide a privacy or cookie policy, which are important for compliance and user trust. No vulnerability disclosure or incident response information is available. The domain registration data is consistent and legitimate, supporting the site's credibility. Overall, the website is a trustworthy and professional government resource but would benefit from improved privacy compliance and enhanced security configurations to strengthen user trust and regulatory adherence.

PA Sports is a collaborative sports tourism organization representing 13 member destinations across Pennsylvania, aiming to attract and service quality sports events. The website is professionally designed, mobile-optimized, and uses modern web technologies including RequireJS, jQuery, and Google Tag Manager. The site employs HTTPS and a consent management platform to manage user privacy preferences. However, no explicit privacy policy or terms of service were found on the analyzed page, and no contact information is readily available. The WHOIS data for the domain is missing, which raises concerns about domain registration transparency but does not necessarily indicate illegitimacy given the professional nature of the site. Overall, the website presents a good security posture with room for improvement in privacy compliance and domain registration transparency.

V

Visit Philadelphia

visitphilly.com

59

Visit Philadelphia operates as the official tourism and visitor information website for the city of Philadelphia, providing comprehensive resources including hotels, events, dining, and local attractions. The site targets tourists, families, and culture enthusiasts, positioning itself as the authoritative source for planning visits to Philadelphia. The business model centers on destination marketing and travel facilitation, leveraging partnerships with local hotels and event organizers. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Klaviyo, and various advertising and tracking integrations, ensuring good SEO, mobile optimization, and user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though it lacks a public security policy or incident response information. The absence of WHOIS registration data is unusual but does not detract significantly from the site's legitimacy given its professional presentation and official branding. Overall, the website is a well-maintained, trustworthy resource for Philadelphia tourism.

O

Orion - tvoríme vašu domácnosť

oriondomacepotreby.sk

66

Orion - tvoríme vašu domácnosť is a well-established retail business operating both an e-commerce platform and a network of 41 physical stores primarily in Slovakia. The company specializes in household goods, kitchenware, and related products, targeting general consumers seeking quality and affordable home products. The website demonstrates a mature digital presence with comprehensive product listings, promotional content, and customer support features. Technically, the site employs modern tracking and marketing technologies including Google Analytics, Facebook Pixel, and Bing Ads, alongside a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security policies and incident response contacts are absent. Overall, the site is professional, accessible, and trustworthy, with room for improvement in legal documentation and security transparency.

G

Groupe Sonatel

sonatel.sn

56

Groupe Sonatel is the leading telecommunications operator in Senegal, providing comprehensive fixed, mobile, internet, and data services. The company maintains a strong market position as the first operator in the region, with subsidiaries in Mali, Guinea, Sierra Leone, and Guinea Bissau. The website reflects a professional corporate presence with clear branding and a focus on business customers, investors, and the general public. Technically, the site is built on WordPress with modern plugins and SEO optimizations, offering good mobile responsiveness and user experience. Security posture is solid with HTTPS enforced and spam protections, though some improvements like DNSSEC and security headers could enhance it further. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and credible, supporting Sonatel's business objectives effectively.

S

SSL For Free

sslforfree.com

63

SSL For Free is a technology-focused website offering free SSL certificates issued quickly for one or multiple domains, including support for wildcards and ACME protocol. The service targets website owners and administrators seeking to secure their sites with HTTPS at no cost. The website is positioned as a niche provider leveraging the ZeroSSL infrastructure, evident from related domains and cookie consent data. The business model centers on providing free SSL certificates with tutorials and user support, catering to a broad audience of webmasters and developers. Technically, the website employs modern analytics tools such as Google Analytics, Google Tag Manager, Ahrefs Analytics, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized with good SEO practices and uses HTTPS exclusively, ensuring secure communications. However, no explicit CMS or hosting provider is identified, and some security headers are missing, suggesting room for technical improvements. From a security perspective, the site demonstrates good practices with HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a security.txt file and public incident response policies indicates an opportunity to enhance transparency and security posture. The WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective but does not necessarily indicate malicious intent given the legitimate content and related domains. Overall, SSL For Free presents a trustworthy and professional service with a strong focus on free SSL certificate issuance. Strategic recommendations include improving WHOIS transparency, adding security headers, publishing security policies, and enhancing contact information visibility to bolster business credibility and security compliance.